To be part of Societe Generale European Business Services means to work in a dynamic and active environment where your work has a real impact in the company's activity.
Our teams work in an Agile mode and are constantly encouraged to collaborate in transversal projects through which they can learn and adapt together in order to contribute to the growth of our center of excellence.
Within the Société Générale group, you will join Global Technology Services (GTS), which is the IT entity in charge of infrastructure. SPAM-Phishing analyst is in charge with analyze the external threats like phishing and spam emails and log them in incident management tool.
Your Role in a Nutshell:
· Analyse the external threats like phishing and spam emails and log them in incident management tool;
· Categorize malicious URL, use security tools (i.e. FAME) to detect malicious attachments. Send the result to SOC (Security Operations Centre) CyberDefence for investigations;
· Handling the first level assessment of anomalies generated by the DLP control based on defined criteria.The anomalies managed every day must be reviewed in order to ensure if they need to be escalated to level 2 for a complementary assessment;
· Notify the control owner if you detect any strange behavior of specific rule (for example a large number of anomalies generated during a specific period) and propose “validated practice” based on pattern of anomalies identified which will be used to optimize detection capability.
Ideal candidate profile
A little about you:
· 1-5 years experience as Information Security Analyst in Risk Investigation, Controls, Reporting and processes (Predominantly in Operations and Controls);
· Graduate / Post Graduate;
· Good to have CEH, Understanding of ISO 27001, IT Security background;
· Fluent in French and English is must;
· Good knowledge of Information Security topics;
· Good command of Microsoft Office;
· Ability to perform incident review and assessment (risk analysis, user activity, access anomalies and threat activity.
We also value:
· Communication skills to liaise with various stakeholders and share knowledge within the team;
· Adaptability skills to deal with different situations (different topics, different stakeholders, different IT applications…);
· Ability to prioritize and multi task activities based on daily actions in queue.
· Pragmatism skills to quickly identify relevant information and focus on risks;
· Challenging skills to be able to qualify properly anomalies;
· Team spirit skills;
· Confidentiality skills.